Malware Plagues London Stock Exchange Web Site

A third-party ad network served up malicious ads on the London Stock Exchange web site.

The London Stock Exchange can't seem to catch a break. Less
than 48 hours after a technical glitch stopped all trading, Google flagged the
stock exchange's Web site for malware.

Users trying to get to londonstockexchange.com via Google
Chrome or Mozilla Firefox were shown a warning page on Feb. 27 that warned the
site may contain malware. Chrome and Firefox both use Google's malware
blocklist to flag suspected sites.

Merely viewing the stock exchange's main homepage caused
malware to be downloaded in a drive-by attack, Paul Mutton, an information
security consultant based in Wiltshire, England, wrote on the High
Severity security blog. He was alerted to the issue by some users on
Twitter.

Google's
Safe Browsing feature provides diagnostic information for the site's
malware history. "Of the 281 pages we tested on the site over the past 90 days,
65 page(s) resulted in malicious software being downloaded and installed
without user consent," the diagnostic page read on Sunday. The diagnostic page
claimed to have found two scripting exploits, two Trojans, and one exploit. A
successful infection resulted in an average of five new processes on the
compromised machine, according to the page.